Bug#312312: marked as done (woody->sarge upgrade updates ssh_host_key, but not ssh_host_key.pub)
Your message dated Fri, 02 Sep 2005 09:02:07 -0700
with message-id <E1EBDzT-0000bh-00@spohr.debian.org>
and subject line Bug#312312: fixed in openssh 1:4.1p1-7
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 7 Jun 2005 10:26:34 +0000
>From Vince.McIntyre@atnf.csiro.au Tue Jun 07 03:26:34 2005
Return-path: <Vince.McIntyre@atnf.csiro.au>
Received: from act-ironport-ext-out1.csiro.au [150.229.7.37]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DfbI1-0002LP-00; Tue, 07 Jun 2005 03:26:33 -0700
Received: from crux.tip.csiro.au (130.155.194.32)
by act-ironport-ext-out1.csiro.au with SMTP; 07 Jun 2005 20:26:02 +1000
X-BrightmailFiltered: true
X-Brightmail-Tracker: AAAAAQAAA+k=
X-IronPort-AV: i="3.93,178,1114956000";
d="scan'208"; a="48505810:sNHT20963356"
Received: (from daemon@localhost)
by crux.tip.CSIRO.AU (8.9.3/8.9.3/CIPAT-2.1a) id UAA14822
for <submit@bugs.debian.org>; Tue, 7 Jun 2005 20:26:00 +1000 (EST)
Received: from bedlam.atnf.CSIRO.AU(130.155.194.180)
via SMTP by crux.tip.CSIRO.AU, id smtpdAAAa14818; Tue Jun 7 20:25:52 2005
Received: from mci156 (helo=localhost)
by bedlam.atnf.CSIRO.AU with local-esmtp (Exim 3.35 #1 (Debian))
id 1DfbHM-0004jB-00
for <submit@bugs.debian.org>; Tue, 07 Jun 2005 20:25:52 +1000
Date: Tue, 7 Jun 2005 20:25:52 +1000 (EST)
From: Vincent McIntyre <Vince.McIntyre@atnf.csiro.au>
To: submit@bugs.debian.org
Subject: woody->sarge upgrade updates ssh_host_key, but not ssh_host_key.pub
Message-ID: <Pine.LNX.4.44.0506072015540.13144-100000@bedlam.atnf.CSIRO.AU>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: Vincent McIntyre <mci156@bedlam.atnf.CSIRO.AU>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: normal
*** Please type your report below this line ***
The title pretty much says it all. Apologes if I'm missing something,
but the upgrades I did during woody didn't remake the ssh_host_key.
Should this be happening when upgrading to the sarge version?
I didn't see this mentioned in a quick grep thru /usr/share/doc/ssh.
I upgraded from 1:3.4p1-1.woody.3 to 1:3.8.1p1-8.sarge.4 today,
and noticed a change.
ls -lt /etc/ssh/ssh_host*
-rw------- 1 root root 527 Jun 7 16:01 /etc/ssh/ssh_host_key
-rw------- 1 root root 668 Jul 9 2003 /etc/ssh/ssh_host_dsa_key
-rw-r--r-- 1 root root 602 Jul 9 2003 /etc/ssh/ssh_host_dsa_key.pub
-rw------- 1 root root 887 Jul 9 2003 /etc/ssh/ssh_host_rsa_key
-rw-r--r-- 1 root root 222 Jul 9 2003 /etc/ssh/ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 331 Jul 9 2003 /etc/ssh/ssh_host_key.pub
I had backed up the old keys, for reference:
ls -lt /old/etc/ssh/ssh_host*
-rw------- 1 root root 527 Feb 2 2004 /old/etc/ssh/ssh_host_key
-rw------- 1 root root 668 Jul 9 2003 /old/etc/ssh/ssh_host_dsa_key
-rw-r--r-- 1 root root 602 Jul 9 2003 /old/etc/ssh/ssh_host_dsa_key.pub
-rw------- 1 root root 887 Jul 9 2003 /old/etc/ssh/ssh_host_rsa_key
-rw-r--r-- 1 root root 222 Jul 9 2003 /old/etc/ssh/ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 331 Jul 9 2003 /old/etc/ssh/ssh_host_key.pub
md5sum /etc/ssh/ssh_host_key /old/etc/ssh/ssh_host_key
(just showing the first 4 bytes; but they differ all right)
5cd1XXXXXXXXXXXXXXXXXXXXXXXXXXXX /etc/ssh/ssh_host_key
7b8dXXXXXXXXXXXXXXXXXXXXXXXXXXXX /old/etc/ssh/ssh_host_key
I'll try another sarge upgrade to let you know if it's reproducible.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.27-2-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages ssh depends on:
ii adduser 3.63 Add and remove users and groups
ii debconf 1.4.30.13 Debian configuration management sy
ii dpkg 1.10.28 Package maintenance system for Deb
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.2-4 compression library - runtime
-- debconf information:
* ssh/privsep_tell:
ssh/insecure_rshd:
ssh/privsep_ask: true
ssh/ssh2_keys_merged:
* ssh/user_environment_tell:
* ssh/forward_warning:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/protocol2_only: false
ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
* ssh/SUID_client: true
ssh/disable_cr_auth: false
---------------------------------------
Received: (at 312312-close) by bugs.debian.org; 2 Sep 2005 16:08:29 +0000
>From katie@spohr.debian.org Fri Sep 02 09:08:29 2005
Return-path: <katie@spohr.debian.org>
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
id 1EBDzT-0000bh-00; Fri, 02 Sep 2005 09:02:07 -0700
From: Colin Watson <cjwatson@debian.org>
To: 312312-close@bugs.debian.org
X-Katie: $Revision: 1.56 $
Subject: Bug#312312: fixed in openssh 1:4.1p1-7
Message-Id: <E1EBDzT-0000bh-00@spohr.debian.org>
Sender: Archive Administrator <katie@spohr.debian.org>
Date: Fri, 02 Sep 2005 09:02:07 -0700
Delivered-To: 312312-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: openssh
Source-Version: 1:4.1p1-7
We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:
openssh-client-udeb_4.1p1-7_powerpc.udeb
to pool/main/o/openssh/openssh-client-udeb_4.1p1-7_powerpc.udeb
openssh-client_4.1p1-7_powerpc.deb
to pool/main/o/openssh/openssh-client_4.1p1-7_powerpc.deb
openssh-server-udeb_4.1p1-7_powerpc.udeb
to pool/main/o/openssh/openssh-server-udeb_4.1p1-7_powerpc.udeb
openssh-server_4.1p1-7_powerpc.deb
to pool/main/o/openssh/openssh-server_4.1p1-7_powerpc.deb
openssh_4.1p1-7.diff.gz
to pool/main/o/openssh/openssh_4.1p1-7.diff.gz
openssh_4.1p1-7.dsc
to pool/main/o/openssh/openssh_4.1p1-7.dsc
ssh-askpass-gnome_4.1p1-7_powerpc.deb
to pool/main/o/openssh/ssh-askpass-gnome_4.1p1-7_powerpc.deb
ssh_4.1p1-7_all.deb
to pool/main/o/openssh/ssh_4.1p1-7_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 312312@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 2 Sep 2005 16:18:11 +0100
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb
Architecture: source powerpc all
Version: 1:4.1p1-7
Distribution: unstable
Urgency: low
Maintainer: Matthew Vernon <matthew@debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
openssh-client - Secure shell client, an rlogin/rsh/rcp replacement
openssh-client-udeb - Secure shell client for the Debian installer (udeb)
openssh-server - Secure shell server, an rshd replacement
openssh-server-udeb - Secure shell server for the Debian installer (udeb)
ssh - Secure shell client and server (transitional package)
ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 312312 318113
Changes:
openssh (1:4.1p1-7) unstable; urgency=low
.
* Do the IDEA host key check on a temporary file to avoid altering
/etc/ssh/ssh_host_key itself (closes: #312312).
* Work around the ssh-askpass alternative somehow ending up in manual mode
pointing to the obsolete /usr/lib/ssh/gnome-ssh-askpass.
* Add GNU/kFreeBSD support (thanks, Aurelien Jarno; closes: #318113).
* Fix XSIish uses of 'test' in openssh-server.preinst.
* Policy version 3.6.2: no changes required.
Files:
c592abb9e4c2e200449c125d053cbb30 953 net standard openssh_4.1p1-7.dsc
ce7f258bae48b97dd4607f6276287938 153356 net standard openssh_4.1p1-7.diff.gz
befc4172cddc60e30d2762b94c90fda9 1052 net extra ssh_4.1p1-7_all.deb
f827336caeec859b7f0e95ac3bee032b 566430 net standard openssh-client_4.1p1-7_powerpc.deb
935eb17f644c6ec0be7f7996028520d1 214174 net optional openssh-server_4.1p1-7_powerpc.deb
b53c4765429d4e3029fdc2c84164fca9 77864 gnome optional ssh-askpass-gnome_4.1p1-7_powerpc.deb
91edec567a4ef44e8499e3baad85763a 154890 debian-installer optional openssh-client-udeb_4.1p1-7_powerpc.udeb
75cce85041802a99507e510e50f89dd0 162668 debian-installer optional openssh-server-udeb_4.1p1-7_powerpc.udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDGHLr9t0zAhD6TNERAsrDAJ9k+eaIld2iHYS287ei5rHCst4JsgCggaGz
R83PuJ5O2cmypbjJN01YvBk=
=y6lX
-----END PGP SIGNATURE-----
Reply to: